From f637dd3cfc19ff7e55e632ef214a11399343c3fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=93scar=20Garc=C3=ADa=20Amor?= <ogarcia@connectical.com>
Date: Sun, 17 Feb 2019 14:15:18 +0100
Subject: [PATCH] Improved pkg with sysusers and tmpfiles

---
 .SRCINFO       |  6 +++++-
 .gitignore     |  2 ++
 PKGBUILD       | 14 +++++++++++---
 vault.install  |  7 -------
 vault.sysusers |  1 +
 vault.tmpfiles |  2 ++
 6 files changed, 21 insertions(+), 11 deletions(-)
 create mode 100644 vault.sysusers
 create mode 100644 vault.tmpfiles

diff --git a/.SRCINFO b/.SRCINFO
index adcb3f0..2a3fe84 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = vault-bin
 	pkgdesc = A tool for managing secrets
 	pkgver = 1.0.3
-	pkgrel = 1
+	pkgrel = 2
 	url = https://vaultproject.io/
 	install = vault.install
 	arch = i686
@@ -13,9 +13,13 @@ pkgbase = vault-bin
 	conflicts = vault
 	conflicts = vault-git
 	backup = etc/vault.hcl
+	source = vault.tmpfiles
+	source = vault.sysusers
 	source = vault.service
 	source = vault.hcl
 	source = LICENSE
+	sha512sums = aa56041c53434195dbf544ce9bf18d7bfb530bf65c9b692163621185b0a46035273a4eeda6454ceb93201117f23662e44ac9c88eda3cf12153cdce40df0fde09
+	sha512sums = 92616ccf83fa5ca9f8b0d022cf8ceb1f3549e12b66bf21d9f77f3eb26bd75ec1dc36c155948ec987c642067b85fbfc30a9217d6c503d952a402aa5ef63e50928
 	sha512sums = a97d10208fd99b29cf532c9b5882fe1bbb3faee1d1d706f95a9c379fef461c65a9f16c8530438920024e69871ebd8c7329e6b65025ad65092950bfb74ce393b3
 	sha512sums = 8f8769f2c285f77b10c1f96e43acb233c70509ca657a8113f9d1f13a73ba55de6acdc6984597a4e1da19d6a7748e05f3523461a3b4bce10b9541aa5340400dd6
 	sha512sums = dd6de68678d972517c135992217f625a3bc728a6495e1f6052df9926cf9cbc212dfa2a612be5a25d7ce5eeeef41e2b12f0d82af6176a6e0ca043b43c622c6347
diff --git a/.gitignore b/.gitignore
index eb764ec..e226e9f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,5 @@
 !vault.hcl
 !vault.install
 !vault.service
+!vault.sysusers
+!vault.tmpfiles
diff --git a/PKGBUILD b/PKGBUILD
index b0c257e..eebcf42 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,7 +1,7 @@
 pkgname='vault-bin'
 pkgdesc='A tool for managing secrets'
 pkgver='1.0.3'
-pkgrel=1
+pkgrel=2
 url='https://vaultproject.io/'
 license=('MPL')
 arch=('i686' 'x86_64' 'armv7h' 'aarch64')
@@ -9,14 +9,18 @@ depends=('glibc')
 conflicts=('vault' 'vault-git')
 install='vault.install'
 backup=('etc/vault.hcl')
-source=('vault.service'
+source=('vault.tmpfiles'
+        'vault.sysusers'
+        'vault.service'
         'vault.hcl'
         'LICENSE')
 source_i686=("https://releases.hashicorp.com/vault/${pkgver}/vault_${pkgver}_linux_386.zip")
 source_x86_64=("https://releases.hashicorp.com/vault/${pkgver}/vault_${pkgver}_linux_amd64.zip")
 source_armv7h=("https://releases.hashicorp.com/vault/${pkgver}/vault_${pkgver}_linux_arm.zip")
 source_aarch64=("https://releases.hashicorp.com/vault/${pkgver}/vault_${pkgver}_linux_arm64.zip")
-sha512sums=('a97d10208fd99b29cf532c9b5882fe1bbb3faee1d1d706f95a9c379fef461c65a9f16c8530438920024e69871ebd8c7329e6b65025ad65092950bfb74ce393b3'
+sha512sums=('aa56041c53434195dbf544ce9bf18d7bfb530bf65c9b692163621185b0a46035273a4eeda6454ceb93201117f23662e44ac9c88eda3cf12153cdce40df0fde09'
+            '92616ccf83fa5ca9f8b0d022cf8ceb1f3549e12b66bf21d9f77f3eb26bd75ec1dc36c155948ec987c642067b85fbfc30a9217d6c503d952a402aa5ef63e50928'
+            'a97d10208fd99b29cf532c9b5882fe1bbb3faee1d1d706f95a9c379fef461c65a9f16c8530438920024e69871ebd8c7329e6b65025ad65092950bfb74ce393b3'
             '8f8769f2c285f77b10c1f96e43acb233c70509ca657a8113f9d1f13a73ba55de6acdc6984597a4e1da19d6a7748e05f3523461a3b4bce10b9541aa5340400dd6'
             'dd6de68678d972517c135992217f625a3bc728a6495e1f6052df9926cf9cbc212dfa2a612be5a25d7ce5eeeef41e2b12f0d82af6176a6e0ca043b43c622c6347')
 sha256sums_i686=('ddc7348803ec95c16a2af67be4bcf1f5dd6f3230223cc1ca8048697b35a763c6')
@@ -30,4 +34,8 @@ package () {
   install -Dm644 "${srcdir}/vault.hcl" "${pkgdir}/etc/vault.hcl"
   install -Dm644 "${srcdir}/vault.service" \
     "${pkgdir}/usr/lib/systemd/system/vault.service"
+  install -Dm644 "${srcdir}/vault.sysusers" \
+    "${pkgdir}/usr/lib/sysusers.d/vault.conf"
+  install -Dm644 "${srcdir}/vault.tmpfiles" \
+    "${pkgdir}/usr/lib/tmpfiles.d/vault.conf"
 }
diff --git a/vault.install b/vault.install
index 38ab77f..aa973ae 100644
--- a/vault.install
+++ b/vault.install
@@ -1,13 +1,6 @@
 # vim: ft=sh ts=4 sw=4 et
 
 post_install () {
-    getent passwd vault > /dev/null || useradd \
-        -s /bin/nologin -c 'Vault daemon' -d /var/lib/vault -M -r -U vault
-    if [[ ! -d /var/lib/vault ]] ; then
-        mkdir /var/lib/vault
-        chown vault:vault /var/lib/vault
-    fi
-
     cat <<EOF
 
 The default configuration stores data in files under "/var/lib/vault",
diff --git a/vault.sysusers b/vault.sysusers
new file mode 100644
index 0000000..93e8223
--- /dev/null
+++ b/vault.sysusers
@@ -0,0 +1 @@
+u vault - "Vault daemon" /var/lib/vault
diff --git a/vault.tmpfiles b/vault.tmpfiles
new file mode 100644
index 0000000..c7c6ec8
--- /dev/null
+++ b/vault.tmpfiles
@@ -0,0 +1,2 @@
+d /var/lib/vault   0755 vault vault
+x /var/lib/vault/*